5000 Series Layer 2/3 Managed Data Center Switch CLI Reference Guide
1190
Parameters
sequence-number
(Optional) The sequence number of the prefix list entry.
deny
Enter to deny the specified Ethernet layer 2 packet.
permit
Enter to permit the specified Ethernet layer 2 packet.
srcmac
Enter to identify the source MAC address of the rule.
any
Any MAC source or destination address.
dstmac
Enter to identify the destination MAC address of the rule.
ethertypekey
(Optional) Enter a keyword to specify an Ethertype (appletalk, arp,
ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe,
rarp).
Eq 0-4095
Specify a VLAN value.
range
Specify a VLAN range.
cos
0-7
Enter to c onfigure a match condition based on a COS value.
secondary-cos
Configure a match condition based on secondary COS value.
secondary-vlan
Configure a match condition based on secondary VLAN.
log
Enter to configure logging for this access list rule.
time-range
time-range-name
(Optional) Enter a time-range parameter to impose a time limit on the
MAC ACL rule.
assign-queue
queue-id
(Optional) Enter the assign-queue parameter to specify a particular
hardware queue for handling traffic that matches the rule.
mirror
(Optional) Allows the traffic matching of the rule to be copied to the
specified slot/port while the redirect parameter allows the traffic
matching this rule to be forwarded to the specified slot/port.
redirect
Configure the packet redirection attribute.
slot/port
(Optional) Enter the slot / port values.
rate-limit
rate burst-size
(Optional) Set the rate-limit to permit only the allowed rate of traffic as
per the configured rate in kbps, and burst-size in kbytes.
The
sequence-number
specifies the sequence number for the ACL rule. The sequence number is
specified by the user or is generated by device.
If a sequence number is not specified for the rule, a sequence number that is 10 greater than the last
sequence number in ACL is used and this rule is placed in the end of the list. If this is the first ACL rule in
the given ACL, a sequence number of 10 is assigned. If the calculated sequence number exceeds the
maximum sequence number value, the ACL rule creation fails. A rule cannot be created that duplicates
an already existing one and a rule cannot be configured with a sequence number that is already used for
another rule.
For example, if user adds new ACL rule to ACL without specifying a sequence number, it is placed at the
bottom of the list. By changing the sequence number, the user can move the ACL rule to a different
position in the ACL.
The Ethertype may be specified as either a keyword or a four-digit hexadecimal value from 0x0600-
0xFFFF. The currently supported ethertypekey values are: appletalk, arp, ibmsna, ipv4, ipv6, ipx,
mplsmcast, mplsucast, netbios, novell, pppoe, rarp. Each of these translates into its equivalent Ethertype
value(s).